Primary

Context

DinukaNavaratna Dee Store Missing Authorization Vulnerability

Vulnerability

A missing authorization vulnerability has been identified in DinukaNavaratna Dee Store version 1.0. This issue allows unauthorized users to access resources or perform operations without proper authorization checks. The vulnerability can be exploited remotely, affecting multiple endpoints within the application.

Impact

Exploitation of this vulnerability allows unauthorized users to perform sensitive operations within the application, potentially leading to unauthorized access or manipulation of data.

Reproduction

The vulnerability can be reproduced by sending requests to the affected endpoints without including any authentication credentials. The absence of authorization checks will allow the requests to be processed, enabling access to restricted resources or functionalities.

Added: Nov 12, 2025, 9:24 PM

Updated: Nov 12, 2025, 9:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.9

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

8.7

remediation

0.0

relevance

0.9

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DinukaNavaratna Dee Store Missing Authorization Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating